﻿using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;

namespace WebApplication1
{
    public partial class login : System.Web.UI.Page
    {
        protected void Page_Load(object sender, EventArgs e)
        {

        }

        protected void Button1_Click(object sender, EventArgs e)
        {
            string name = Username.Text;
            string pass = Passsword.Text;

            string constr = "sever =.;uid =sa;database = Student_db";
            SqlConnection con = new SqlConnection(constr);

            string sql = "select * from StudentInfo where stu_name=@name and password = @pass";
            SqlParameter[] pars =
            {
            new SqlParameter("@name",name),
            new SqlParameter("@pass", pass)
        };
            try
            {
                con.Open();
                SqlCommand cmd = new SqlCommand(sql, con);
                cmd.Parameters.AddRange(pars);

                SqlDataReader sdr = cmd.ExecuteReader();

                if (sdr.Read())
                {
                    Session["CurrentUsername"] = name;
                    Literal1.Text = "登陆成功！";
                    Response.Redirect("HomePage.aspx");
                }
                else
                {
                    Literal1.Text = "用户名或密码错误！";
                }

            }
            catch (Exception x)
            {

                throw new Exception(x.Message.ToString());
            }
            finally
            {
                if (con!=null)
                {
                    con.Close();
                }
            }
        }

        protected void Button2_Click(object sender, EventArgs e)
        {
            Response.Redirect("Register.aspx");
        }
    }
}